Can someone demystify computer Ports for me? Please? Blocking, unblocking, opening, allowing, VPNs and their effect, what ports are and what they do, step by step, when you have to interact with them?
It's the one thing when I'm configuring things that makes me wince because I know it will give me the business, and I know it shouldn't, but it does, every time. I have no real idea what I'm doing, what it is, how it works, so of course I'm blindly following instructions like a monkey at a typewriter.
Imagine your computer is a big block of flats and your applications are all people who live in the building.
Mail sent to the building address alone isn't going to reach the intended recipient, because the postman doesn't know what flat to post it to. So they need additional information such as 'Flat 2C'
That's the basic concept of ports. It's basically additional addressing information to allow your computer to direct internet traffic to the correct applications.
When an application is actively listening on a port, it means that they are keeping an eye out for messages addressed to them, as designated by the port number. While an application is sending or receiving messages using a given port number, that port number is considered 'open'.
Now, all sorts of applications do all sorts of things. Some are for the public to use and there are some that are useful within trusted circles, but can be abused by malicious people if anyone in the world can send messages to it. Thus, we have a firewall, which acts as a gatekeeper. A firewall can 'block' a port, denying access to a given group of people, or 'unblock' it, allowing access.
VPNs are a totally different thing. They are literally middlemen for your internet traffic. Instead of directly posting a message to somewhere and receiving a direct reply back, imagine you flew out to Italy to use a post box there and receive replies from there.
To add to your analogy if i may, the firewall is kind of like a security guard or doorman at the building entrance. All mail has to go through him first and if something is addressed to a closed flat (port) he simply doesnt let it get delivered.
Yep! The security guard is also given a bunch of rules to follow such as "don't let anyone outside of our neighbourhood (aka your local network) contact door 22", which will also determine whether messages get delivered or not
I love your analogy for ports, but I'm not sure about the VPN one.
If you imagine network traffic as mail going through the postal system, then a VPN is like a private mail tunnel between two locations, that nobody else can enter or look into. Mail sent via the tunnel is private and nobody else can read it. The person at the other end of the tunnel can either open the mail themselves (ie a VPN from your laptop to your home server to access it when you're away), or forward the mail somewhere else (ie if you're routing Internet-bound traffic through it) and nobody will know it came from you originally.
I'm not sure that's a completely accurate analogy either. When you're using a VPN people can still see that you are sending traffic through your tunnel, they just can't tell what it is that you're sending. It's like looking through frosted glass; there's definitely something moving in there but you can't tell what.
I suppose the best way to describe it is you send a locked box to a trusted friend; everyone handling it can see the box but can't tell what's inside. Inside the box is a letter, your friend posts it so it looks like it came from them. Your friend then gets a reply, puts it in a locked box, and send it back to you. Nobody between you and your friend can snoop on your mail but anyone between your friend and the final destination can.
Yeah, but if you're communicating with the buttplug store, the specific contents of the box don't really matter. You still want a trusted friend to not tell people where you get your boxes from.
To expand on port forwarding, consider your router to be the lobby to your apartment building, but you get to choose which rooms are reachable by an outside visitor.
Port forwarding would be like if all the apartments were listed 1-[x] inside the building, but 1A-1Z, 2A-2Z and so on to outsiders. Someone sends a message to <address>, apartment 2Y, and the lobby knows that actually goes to apartment 51.
To expand on that analogy... certain services need entry into the building and then from there, they get distributed throughout the building.
Water comes in on the water line.
Electricity comes in on the electric wire.
Internet may come in on coaxial or fiber.
Gas comes in on the natural gas pipeline.
Your computer has ports to deal with basic tasks. These are called "well known port numbers".
Just reading that URL and I'm sorry (to the author of that article), but there's no way there are 50 ports "you should know". 443, 80, 22, and that's about it. Maybe whatever the SMPT port is just for interest's sake, but that's very rarely going to be important practical knowledge. And there are some ports outside the well-known port range that might be handy. Your VPN's port, your DB's port. But even then, you're not getting anywhere near 50.
Cyber security guy here: we care about 22 for SSH, 443 and 80 for Web traffic, 3389 for RDP and 21 for FTP. Everything else we google and we all have to google 21 and 3389 because we all forget them half the time anyway.